.

Am I Secure?

<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 4:26 pm

Am I Secure?

Hey folks,

I was wondering if I had done the basics to secure my Access Point, how secure am I truly? What I've done so far is implemented WPA2, enabled MAC Address filtering, have hidden my SSID, disabled uPnP...is this really enough? Do you guys suggest changing my PSK every week or so, if not how often? Are there any type of tools out there that can identify my SSID even if I have it set to not broadcast? Appreciate the help!
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

SynJunkie

Jr. Member
Jr. Member

Posts: 71

Joined: Thu Apr 17, 2008 2:41 pm

Location: UK

Post Wed Feb 04, 2009 4:32 pm

Re: Am I Secure?

i know you would have but i'll ask anyway. 

Have you changed the default password, disabled wireless administration and upgraded the firmware?

Syn
----------------------------------
http://synjunkie.blogspot.com
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 4:36 pm

Re: Am I Secure?

I guess I forgot to include those. I didn't disable the wireless administration, but I do often upgrade the firmware and of course have changed the default http password, going to do that one now. Thanks. I also have a damn strong key, I'm not exactly worried about a user cracking my Encryption, just wondering if I've done about all I can do.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

SynJunkie

Jr. Member
Jr. Member

Posts: 71

Joined: Thu Apr 17, 2008 2:41 pm

Location: UK

Post Wed Feb 04, 2009 4:46 pm

Re: Am I Secure?

Put it this way.  You've done enough for someone like me to move on and find another wifi access point!
----------------------------------
http://synjunkie.blogspot.com
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 4:51 pm

Re: Am I Secure?

Sweet...and being a fan of your blog, you walking away from an access point is rare... I take it I'm fairly secure for now...thanks again for the input...still willing to accept others if you have any!
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Wed Feb 04, 2009 4:53 pm

Re: Am I Secure?

Hidden SSIDs can still be seen very easily with a tool like airodump-ng.
Also make sure your password is somewhat randomly generated, people are trying dictionary attacks against WPA/WPA2 access points, I believe.
Put that in your pipe and grep it!
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 4:55 pm

Re: Am I Secure?

I'll have to look more into that tool to see if I can get it to identify my SSID. As for dictionary attacks and for randomly-generating a pass phrase, that's just about what I have right now, I also have my pass phrase starting with a Z, I figure if an attackers going to actually go and wait outside my house while running a dictionary attack against my key, he'd be waiting a long enough time that he'd eventually give up and go onto an easier target, or I'd notice his ass outside my house.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Wed Feb 04, 2009 5:02 pm

Re: Am I Secure?

It's a good tool, comes with BackTrack. I have a laptop sitting on my desk, (it has no hard drive or battery :( ) it's only use it to boot a BackTrack disc once in a while and check out wireless networks, etc. ;)
Put that in your pipe and grep it!
<<

SynJunkie

Jr. Member
Jr. Member

Posts: 71

Joined: Thu Apr 17, 2008 2:41 pm

Location: UK

Post Wed Feb 04, 2009 5:08 pm

Re: Am I Secure?

Thanks for the compliment on my blog, i appreciate it.

one other thing, you could play around with the DHCP scope, can you limit the leases handed out and move the subnet to something other than 192.168.1.x

This, along with your other measures makes an attackers job a little harder.

Regards

Syn

P.S or you could be plain evil, by securing it slightly so you know whoever uses it has used it knowing that they have bypassed your security, and then put an old linux box between your AP and the internet and capture all the traffic.  Sorry, i shouldn't think out loud, i'd better put that hat away again ;-)
----------------------------------
http://synjunkie.blogspot.com
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 5:26 pm

Re: Am I Secure?

SynJunkie you grey hat! eth3real, sounds like you need to replace that bad boy.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

SynJunkie

Jr. Member
Jr. Member

Posts: 71

Joined: Thu Apr 17, 2008 2:41 pm

Location: UK

Post Wed Feb 04, 2009 5:40 pm

Re: Am I Secure?

oh, one last thing from me on this.  I believe that there are ways of disabling the SSID broadcast altogether (if your router supports it), but be aware that any clients connecting will likely broadcast it initially. So you might want to be aware of that point.

Cheers

Syn
----------------------------------
http://synjunkie.blogspot.com
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Wed Feb 04, 2009 6:20 pm

Re: Am I Secure?

What I always find interesting about wireless hacking is the difference between theoretical hacks that might work in a lab in a perfect environment and hacks that work in the real world. There is a difference and  its important to learn the difference and that only happens with experience.  If you have implemented all you say you have, practically speaking your network is safe. At least for now, lol.  ;)
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Wed Feb 04, 2009 10:00 pm

Re: Am I Secure?

I agree, you're probably very safe from anyone that would randomly start trying to gain access to your wifi.

My wifi router at home has pretty much the same level of security, and I don't feel like I should be worried about it.
I once had a guy in my neighborhood compliment me because mine was the only wifi network he couldn't break into (he assumed it was me because I have the CEH sticker on the back of my car). It was rather amusing. :)
Put that in your pipe and grep it!
<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Thu Feb 05, 2009 7:41 am

Re: Am I Secure?

Its nice to see that you have gone through the trouble and securing your wifi network. But the question still remains are you Secure ? .. Well no1 can answer that.

For me, the amount of effort I put in to secure something is directly proportional to the data I am trying to protect. SO the question is what are you trying to protect ?

Again, as you said about the strong password, hiding SSID, MAC addr authentication all that can be easily broken if some1 does capture enough packets and work on that offline and then come back with all the info needed. The tools to achive that were mentioned by Josh in the last "Perfect Strom Webcast".

So again the question remains are you secure ? ummmm it all depends how bad someone wants your data, but defense in depth is a great way to go.

Just me 1 cent

VJ
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

sgt_mjc

Sr. Member
Sr. Member

Posts: 294

Joined: Tue Feb 05, 2008 8:34 am

Location: AL

Post Thu Feb 05, 2009 8:37 am

Re: Am I Secure?

Syn,
Going along with your slightly secure with Linux inbetween, my neighborhood has some many open APs its not funny. So to that end I found an old 802.11b router that I'm thinking of setting as a honey pot jsut for grins to gather some traffic ;). Any advice on that?
Mike Conway
CISSP
CompTia Security +
C|EH
Next

Return to Wireless

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software